Creating a set of permissions

About this task

You can create a set of permissions that can be saved and used to define the policies and permissions for a temporary access request session.

To create a set of permissions, complete the following steps in the BigFix® Remote Control Server:

Procedure

  1. Click Admin > New Permission Set.
    The Edit Permission Set screen is displayed.
  2. Type in a name for the permissions set in the Set Name field.
  3. Choose the appropriate method for enabling the policies
    • To enable every policy, click Enabled?.
    • Select the check box next to each policy that you want to enable.
  4. Set the priority for each enabled policy.
    The default priority value is the value that is displayed first in the list when the Edit Permission Set screen is displayed and is set by the trc.default.request.priority property in trc.properties file. For more information about editing the properties files, see Editing the properties files.
    5
    This value is the highest priority. This value overrides any existing policies that might exist between the user and target.
    1
    This value overrides any existing priority 0 policies that might exist between the user and target.
    0
    This value is the lowest priority. Any existing policy in effect between the user and target that is of a higher priority overrides this policy.
  5. Set or enter a value for the enabled properties.
    For more information about the definitions and values for the policies, see Server session policies.
    Set to Yes
    The policy is in effect during the temporary session. depending on the priority that is set for it.
    Set to No
    The policy is not in effect during the temporary session. However, if the priority is set to 0 or 1, an existing policy of priority 5 Yes overrides this No value.
  6. Click Submit.

Results

The permissions set is created. You can select the set whenever you are granting a temporary access request so that you can enable and set values for specific policies without having to manually select each one.